Chris Evans discovered a buffer overflow in the color space handlingcode of the Ghostscript PostScript/PDF interpreter, which might resultin the execution of arbitrary code if a user is tricked into processinga malformed file.

For the stable distribution (etch), this problem has been fixed in version8.54.dfsg.1-5etch1 of gs-gpl and 8.15.3.dfsg.1-1etch1 of gs-esp.

For the old stable distribution (sarge), this problem has been fixed inversion 8.01-6 of gs-gpl and 7.07.1-9sarge1 of gs-esp.

The unstable distribution (sid) will be fixed soon.

We recommend that you upgrade your gs-esp and gs-gpl packages.

Upgrade instructions- --------------------

wget url will fetch the file for youdpkg -i file.deb will install the referenced file.

If you are using the apt-get package manager, use the line forsources.list as given below: